@article{20718,
  author       = {{Rasthofer, Siegfried and Arzt, Steven and Bodden, Eric and Miltenberger, Marc}},
  journal      = {{Datenschutz und Datensicherheit}},
  keywords     = {{ATTRACT, ITSECWEBSITE}},
  pages        = {{718--722}},
  title        = {{{Harvester - Vollautomatische Extraktion von Laufzeitwerten aus obfuskierten Android-Applikationen}}},
  doi          = {{https://www.springerprofessional.de/en/datenschutz-und-datensicherheit-dud-11-2016/10866536}},
  year         = {{2016}},
}

@inproceedings{20719,
  author       = {{Holzinger, Philipp and Triller, Stefan and Bartel, Alexandre and Bodden, Eric}},
  booktitle    = {{Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security}},
  isbn         = {{978-1-4503-4139-4}},
  keywords     = {{ATTRACT, access control, exploits, java security, security analysis, ITSECWEBSITE}},
  pages        = {{779--790}},
  title        = {{{An In-Depth Study of More Than Ten Years of Java Exploitation}}},
  doi          = {{http://doi.acm.org/10.1145/2976749.2978361}},
  year         = {{2016}},
}

@inproceedings{20720,
  author       = {{Follner, Andreas and Bartel, Alexandre and Peng, Hui and Chang, Yu-Chen and Ispoglou, Kyriakos and Payer, Mathias and Bodden, Eric}},
  booktitle    = {{International Workshop on Security and Trust Management (STM)}},
  pages        = {{212--228}},
  title        = {{{PSHAPE: Automatically Combining Gadgets for Arbitrary Method Execution}}},
  year         = {{2016}},
}

@inproceedings{20721,
  author       = {{Nguyen Quang Do, Lisa and Eichberg, Michael and Bodden, Eric}},
  booktitle    = {{Proceedings of the 5th ACM SIGPLAN International Workshop on State Of the Art in Program Analysis}},
  keywords     = {{ATTRACT}},
  pages        = {{13--17}},
  title        = {{{Toward an Automated Benchmark Management System}}},
  year         = {{2016}},
}

@inproceedings{20722,
  author       = {{Arzt, Steven and Kussmaul, Tobias and Bodden, Eric}},
  booktitle    = {{Proceedings of the 5th ACM SIGPLAN International Workshop on State Of the Art in Program Analysis}},
  pages        = {{1--6}},
  title        = {{{Towards Cross-Platform Cross-Language Analysis with Soot}}},
  year         = {{2016}},
}

@article{20724,
  author       = {{Follner, Andreas and Bodden, Eric}},
  issn         = {{2214-2126}},
  journal      = {{Journal of Information Security and Applications }},
  pages        = {{16--26}},
  title        = {{{ROPocop — Dynamic mitigation of code-reuse attacks}}},
  doi          = {{http://dx.doi.org/10.1016/j.jisa.2016.01.002}},
  volume       = {{29}},
  year         = {{2016}},
}

@inproceedings{20725,
  author       = {{Follner, Andreas and Bartel, Alexandre and Bodden, Eric}},
  booktitle    = {{International Symposium on Engineering Secure Software and Systems (ESSoS)}},
  title        = {{{Analyzing the Gadgets - Towards a Metric to Measure Gadget Quality}}},
  year         = {{2016}},
}

@inproceedings{20726,
  author       = {{Falzon, Kevin and Bodden, Eric}},
  booktitle    = {{Principles of Security and Trust: 5th International Conference, POST 2016, Held as Part of the European Joint Conferences on Theory and Practice of Software, ETAPS 2016, Eindhoven, The Netherlands, April 2--8, 2016, Proceedings}},
  editor       = {{Piessens, Frank and Vigan'o, Luca}},
  isbn         = {{978-3-662-49635-0}},
  pages        = {{116--138}},
  publisher    = {{Springer Berlin Heidelberg}},
  title        = {{{Towards a Comprehensive Model of Isolation for Mitigating Illicit Channels}}},
  doi          = {{10.1007/978-3-662-49635-0_7}},
  year         = {{2016}},
}

@inproceedings{20727,
  author       = {{Rasthofer, Siegfried and Arzt, Steven and Miltenberger, Marc and Bodden, Eric}},
  booktitle    = {{Network and Distributed System Security Symposium (NDSS)}},
  keywords     = {{ATTRACT, ITSECWEBSITE}},
  title        = {{{Harvesting Runtime Values in Android Applications That Feature Anti-Analysis Techniques}}},
  year         = {{2016}},
}

@inproceedings{20728,
  author       = {{Nadi, Sarah and Krüger, Stefan and Mezini, Mira and Bodden, Eric}},
  booktitle    = {{International Conference for Software Engineering (ICSE)}},
  keywords     = {{CROSSING, ITSECWEBSITE}},
  pages        = {{935--946}},
  title        = {{{Jumping Through Hoops: Why do Java Developers Struggle With Cryptography APIs?}}},
  year         = {{2016}},
}

@inproceedings{20729,
  author       = {{Arzt, Steven and Bodden, Eric}},
  booktitle    = {{International Conference for Software Engineering (ICSE)}},
  keywords     = {{ITSECWEBSITE}},
  title        = {{{StubDroid: Automatic Inference of Precise Data-flow Summaries for the Android Framework}}},
  year         = {{2016}},
}

@inproceedings{20730,
  author       = {{Eling, N. and Rasthofer, S. and Kolhagen, M. and Bodden, Eric and Buxmann, P.}},
  booktitle    = {{2016 49th Hawaii International Conference on System Sciences (HICSS)}},
  issn         = {{1530-1605}},
  pages        = {{3666--3675}},
  title        = {{{Investigating Users' Reaction to Fine-Grained Data Requests: A Market Experiment}}},
  doi          = {{10.1109/HICSS.2016.458}},
  year         = {{2016}},
}

@inproceedings{5205,
  author       = {{Späth, Johannes and Nguyen Quang Do, Lisa and Ali, Karim and Bodden, Eric}},
  booktitle    = {{European Conference on Object-Oriented Programming (ECOOP)}},
  keywords     = {{ATTRACT, ITSECWEBSITE}},
  title        = {{{Boomerang: Demand-Driven Flow- and Context-Sensitive Pointer Analysis for Java}}},
  year         = {{2016}},
}

@inproceedings{5207,
  author       = {{Li, Li and Bartel, Alexandre and Bissyande, Tegawende F. and Klein, Jacques and Le Traon, Yves and Arzt, Steven and Rasthofer, Siegfried and Bodden, Eric and Octeau, Damien and McDaniel, Patrick}},
  booktitle    = {{2015 International Conference on Software Engineering (ICSE)}},
  isbn         = {{978-1-4799-1934-5}},
  keywords     = {{CROSSING, ATTRACT, ITSECWEBSITE}},
  pages        = {{280--291}},
  title        = {{{IccTA: Detecting Inter-Component Privacy Leaks in Android Apps}}},
  year         = {{2015}},
}

@inproceedings{5734,
  author       = {{Lerch, Johannes and Hermann, Ben and Bodden, Eric and Mezini, Mira}},
  booktitle    = {{Proceedings of the 22nd ACM SIGSOFT International Symposium on Foundations of Software Engineering - FSE 2014}},
  isbn         = {{9781450330565}},
  publisher    = {{ACM Press}},
  title        = {{{FlowTwist: efficient context-sensitive inside-out taint analysis for large codebases}}},
  doi          = {{10.1145/2635868.2635878}},
  year         = {{2014}},
}

@inproceedings{5189,
  author       = {{Arzt, Steven and Rasthofer, Siegfried and Fritz, Christian and Bodden, Eric and Bartel, Alexandre and Klein, Jacques and Le Traon, Yves and Octeau, Damien and McDaniel, Patrick}},
  booktitle    = {{Proceedings of the 35th ACM SIGPLAN Conference on Programming Language Design and Implementation - PLDI '14}},
  isbn         = {{9781450327848}},
  publisher    = {{ACM Press}},
  title        = {{{FlowDroid: Precise Context, Flow, Field, Object-sensitive and Lifecycle-aware Taint Analysis for Android Apps}}},
  doi          = {{10.1145/2594291.2594299}},
  year         = {{2014}},
}

@inproceedings{5190,
  author       = {{Arzt, Steven and Rasthofer, Siegfried and Lovat, Enrico and Bodden, Eric}},
  booktitle    = {{International Conference on Availability, Reliability and Security (ARES 2014)}},
  pages        = {{40--49}},
  publisher    = {{IEEE}},
  title        = {{{DroidForce: Enforcing Complex, Data-Centric, System-Wide Policies in Android}}},
  year         = {{2014}},
}

@article{5183,
  author       = {{Bodden, Eric and Lam, Patrick and Hendren, Laurie}},
  issn         = {{0164-0925}},
  journal      = {{ACM Transactions on Programming Languages and Systems}},
  number       = {{2}},
  pages        = {{1--52}},
  publisher    = {{Association for Computing Machinery (ACM)}},
  title        = {{{Partially Evaluating Finite-State Runtime Monitors Ahead of Time}}},
  doi          = {{10.1145/2220365.2220366}},
  volume       = {{34}},
  year         = {{2012}},
}